Total
259281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0072 | 1 Gnu | 1 Privacy Guard | 2024-02-04 | 5.0 MEDIUM | N/A |
| gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | |||||
| CVE-2004-1893 | 1 Macromedia | 2 Dreamweaver, Dreamweaver Ultradev | 2024-02-04 | 5.0 MEDIUM | N/A |
| Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp. | |||||
| CVE-2001-0749 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2024-02-04 | 7.5 HIGH | N/A |
| Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. | |||||
| CVE-2004-2126 | 1 Iss | 1 Blackice Pc Protection | 2024-02-04 | 4.6 MEDIUM | N/A |
| The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users to modify BlackICE configuration or possibly execute arbitrary code by exploiting vulnerabilities in the .INI parsers. | |||||
| CVE-2002-1856 | 1 Hp | 1 Application Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2002-0961 | 1 Voxel | 1 Cbms | 2024-02-04 | 7.5 HIGH | N/A |
| Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack. | |||||
| CVE-2003-0508 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. | |||||
| CVE-2003-1485 | 1 Clearswift | 1 Mailsweeper | 2024-02-04 | 5.0 MEDIUM | N/A |
| Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | |||||
| CVE-2002-0457 | 1 Bg Guestbook | 1 Bg Guestbook | 2024-02-04 | 7.6 HIGH | N/A |
| Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote attackers to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location, or (6) message. | |||||
| CVE-2002-1616 | 1 Hp | 1 Tru64 | 2024-02-04 | 7.2 HIGH | N/A |
| Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | |||||
| CVE-2002-1712 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3. | |||||
| CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.1 HIGH | N/A |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2024-02-04 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
| CVE-2001-0537 | 1 Cisco | 1 Ios | 2024-02-04 | 9.3 HIGH | N/A |
| HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. | |||||
| CVE-1999-1183 | 1 Sgi | 1 Irix | 2024-02-04 | 7.6 HIGH | N/A |
| System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type. | |||||
| CVE-2003-0676 | 1 Sun | 2 Iplanet Directory Server, One Directory Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. | |||||
| CVE-2002-2108 | 1 Sony | 1 Vaio Manual Cybersupport | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-mail. | |||||
| CVE-2001-1512 | 1 Macromedia | 1 Jrun | 2024-02-04 | 6.4 MEDIUM | N/A |
| Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050. | |||||
| CVE-1999-0767 | 1 Sun | 2 Solaris, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. | |||||
| CVE-2001-0786 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. | |||||